A week ago, we echoed a huge Facebook user data leak, which had left 533 million uncovered phone numbers, with almost 11 million Spanish numbers affected.
Now, Motherboard has spread the existence of another user database, apparently without any connection to the previous leak, which is also available on the Internet. This could indicate the existence of a new massive leak, or a large-scale extraction effort (via web scraping) of user data.
A bot in Telegram that provides personal data (upon payment)
This database is available - upon payment - through a bot in Telegram which can be used to show the phone numbers of those users who liked a certain Facebook page (among those contained in its database, so it will not reflect the total number of 'likes').
To use the bot, your customers must enter the unique identification code of the fanpage in question (There are free tools that provide this number from the URL).
Based on the number of phone numbers linked to the fanpage, the bot will provide a budget, which must be paid before having access to personal data (not only the number itself, but also gender and full name):
"For example, by entering the Motherboard page itself [el bot] it returned 134,803 results, at a cost of $ 539. "
Despite being an illegal tool, the bot we are talking about has the luxury of even offering 'freemium' services: if the fanpage you are interested in has less than 100 likes, the data is provided free of charge.
If the phone numbers leaked from Facebook and sold through a bot in Telegram it gives you a déjà vuIt is because only a few months ago another similar case was detected. However, the phones of this new bot do not correspond to those known in January either.
According to Motherboard, its editors were able to verify that
Phone numbers offered by the tool not only they are true, but they are not among those available in the leak released last week (of which we can know if we have been victims by entering our phone number in Have I Been Pwned).
The names provided by the tool correspond to Facebook users who, indeed, like the indicated pages to the bot.
According to Alon Gal, co-founder and CTO of cybersecurity intelligence company Hudson Rock, the usefulness of this tool is clear: power resell the data obtained to third parties presenting them as 'potential customers' based on the theme of the page in question.
From Genbeta, we have contacted Facebook, and we will update the article with your comments when we receive a reply.